<?php
/* Project Parasynthesis
*  Author: Fujiwara Sai
*  Usage: Prasy Function Operation
*/

define('NOROBOT', TRUE);
define('CURSCRIPT', 'operation');
require_once './include/common.inc.php';

if(empty($discuz_uid)) {
	dheader("Location: {$boardurl}");
}

if(empty($type)) {
	dheader("Location: {$boardurl}");
}

if ($type = "svp") {
	if ($operation = "new") {
		if (isset($_POST['url'])) {
			$url = trim($_POST['url']);
			if (strlen($url) == 0) {
				dheader("Location: {$boardurl}uid/".$discuz_uid);
			}
			if (substr(strtolower($url), 0, 7) == 'http://') {
				$url = substr($url, 7, strlen($url) - 7);
			}
			$url = mysql_real_escape_string(strip_quotes($url));
			$query = $db->query("SELECT svp_id FROM {$tablepre}savepoint WHERE svp_uid = '$discuz_uid' AND svp_url = '{$url}'");
			if ($db->num_rows($query) == 0) {
				$db->free_result($query);
				$query = $db->query("SELECT svp_id FROM {$tablepre}savepoint WHERE svp_uid = '$discuz_uid'");
					if ($db->num_rows($query) < 25) {
						$db->query("INSERT INTO {$tablepre}savepoint (svp_uid, svp_url, svp_created, svp_lastupdated) VALUES('{$discuz_uid}', '{$url}', '" . time() . "', '" . time() ."')");
						svp_update($discuz_uid);
						dheader("Location: {$boardurl}uid/".$discuz_uid);
					} else {
						dheader("Location: {$boardurl}uid/".$discuz_uid);
					}
			} else {
				dheader("Location: {$boardurl}uid/".$discuz_uid);
			}
		}
	}

	if ($operation = "del") {
		if (isset($_GET['savepoint_id'])) {
		$savepoint_id = intval($_GET['savepoint_id']);
		$query = $db->query("SELECT svp_id, svp_uid FROM {$tablepre}savepoint WHERE svp_id = '{$savepoint_id}'");
			if ($db->num_rows($query) == 1) {
				$svp = $db->fetch_array($query);
				if ($discuz_uid == $svp['svp_uid']) {
					$db->query("DELETE FROM {$tablepre}savepoint WHERE svp_id = '{$savepoint_id}' LIMIT 1");
					svp_update($discuz_uid,1);
					dheader("Location: {$boardurl}uid/".$discuz_uid);
				} else {
					dheader("Location: {$boardurl}uid/".$discuz_uid);
				}
			} else {
				dheader("Location: {$boardurl}uid/".$discuz_uid);
			}
		}
	}
} 

if ($type = "chl") {
	if ($operation = "new") {
		if (isset($_POST['chl_url'])) {
			$chl_url = trim($_POST['chl_url']);
			if (!$chl_title) {
				$chl_title = 'Feed'.rand(1,999);
			}
			if (strlen($chl_url) == 0) {
				dheader("Location: {$boardurl}dashboard");
			}
			if (substr(strtolower($chl_url), 0, 7) == 'http://') {
				$chl_url = substr($chl_url, 7, strlen($chl_url) - 7);
			}
			$chl_url = mysql_real_escape_string(strip_quotes($chl_url));
			$query = $db->query("SELECT chl_id 	FROM {$tablepre}channel WHERE chl_uid = '$discuz_uid' AND chl_url = '{$chl_url}'");
			if ($db->num_rows($query) == 0) {
				mysql_free_result($query);
				$query = $db->query("SELECT chl_id FROM {$tablepre}channel WHERE chl_uid = '$discuz_uid'");
					if ($db->num_rows($query) < 15) {
						$db->query("INSERT INTO {$tablepre}channel (chl_uid, chl_url, chl_title, chl_dateline) VALUES('{$discuz_uid}', '{$chl_url}', '{$chl_title}', '" . time() ."')");
						dheader("Location: {$boardurl}dashboard");
					} else {
						dheader("Location: {$boardurl}dashboard");
					}
			} else {
			dheader("Location: {$boardurl}dashboard");
			}
		}
	}
	
	if ($operation = "del") {
		if (isset($_GET['chl_id'])) {
		$chl_id = intval($_GET['chl_id']);
		$query = $db->query("SELECT chl_id, chl_uid FROM {$tablepre}channel WHERE chl_id = {$chl_id}");
			if ($db->num_rows($query) == 1) {
				$chl = $db->fetch_array($query);
				if ($discuz_uid == $chl['chl_uid']) {
					$db->query("DELETE FROM {$tablepre}channel WHERE chl_id = {$chl_id} LIMIT 1");
					dheader("Location: {$boardurl}dashboard");
				} else {
					dheader("Location: {$boardurl}dashboard");
				}
			} else {
				dheader("Location: {$boardurl}dashboard");
			}
		}
	}
}
?>